big risks requires big data thinking
TRANSCRIPT
Forensic Data Analytics
2015
Big risks requires big data thinkingForensic data analytics use cases
Vincent WaldenPartner, EYNovember 17, 2015
Page 2
Agenda
► Key analytics trends in fraud risk management► “Big data thinking”► Anti-fraud use case examples:
► Employee and vendor transaction risk scoring► Payment stream analysis► Text mining and dashboards to find potentially improper payments► Social media analytics► Email analytics, emotive tone and Fraud Triangle Analytics► Cyber monitoring and events
► Integrating visualization into your risk managementplatform
Page 3
The forensic data analytics landscape
► The regulators are upping their game► Be ready - the regulators are investing in advanced monitoring
technology
► Big risks requires “big data” thinking► New approaches to counter fraud and compliance monitoring,
beyond simple rules-based tests
► Compliance fatigue? Analytics can help► Analytics can help improve efficiency and program effectiveness to
help compliance functions audit and monitor smarter – saving bothtime and valuable resources
Page 4
Upping their game: SEC priorities aroundforensic data analytics
-U.S. SEC Chair Mary Jo White, prepared testimonybefore the Senate Appropriations Subcommittee,May 14, 2014
Page 5
FDA business landscapeData analytics is continued focus area in guidance
COSO: Internal Controls IntegratedFramework1. Principal #8: Fraud Risk Assessment (COSO 2013)2. New guidance coming in December 2015 will have
significant focus on the use of proactive forensicsdata analytics
ACFE Report to the Nation on Occupational Fraud1. For those companies with proactive data analytics in place, the
cost per fraud incident was 59.7% lower (roughly $100,000lower per incident) than those companies not using proactivedata analytics – more than any other control listed in thesurvey.
2. Further, the median duration of fraud based on the presence ofproactive data analytics was half the time at 12 months vs 24months.
See 2014 ACFE Report the Nations on Occupational Fraud, Figures 37 and 38
Page 6
Forensic data analytics maturity modelBeyond traditional “rules-based queries” – consider all four quadrants
False Positive RateHigh Low
Stru
ctur
edD
ata
Detection RateLow High
Uns
truc
ture
dD
ata
“Traditional” rules-Based Queries &Analytics
Matching, Grouping, Ordering,Joining, Filtering
Statistical-Based Analysis
Anomaly Detection, ClusteringRisk Ranking
Traditional Keyword Searching
Keyword Search
Data Visualization & Text Mining
Data visualization, drill-down intodata, text mining
Page 7
Big data thinking
Page 8
Definition of Big Data
Gartner: Big Data is high volume,velocity and variety information assetsthat demand cost-effective, innovativeforms of information processing forenhanced insight anddecision making.
Page 9
Big data techniques for counter fraud
► Multiple data sources
► Data visualization
► Text analytics
► Payment/transaction risk scoring
► Predictive modeling – technology assisted monitoring
► Pattern & link analysis
► Flexible deployment models
Page 10
Anti-fraud use case examples
Page 11
Employee risk scoring - Travel &entertainment expense monitoring
Page 12
Vendor risk scoring - potentially improperpayments
Page 13
Text mining dashboard - paymentdescriptions
Page 14
Text mining dashboard – drill down
Page 15
Text mining dashboard – word clouds andstratification
Page 16
Social media analytics
Page 17
Email analytics: Emotive tone – secretive,angry, derogatory emails
Page 18
Email analytics: Fraud triangle analytics
Fraud Triangle Analytics: Pressure/Opportunity/RationalizationEmployee term analysis
Term hit frequency over time
Page 19
Cyber monitoring
Page 20
Surveillance monitoring: executive dashboard
► Aggregate view of risks,by incident
► Quick synopsis ofrisk profile
Page 21
Surveillance monitoring: management dashboardRisk ranking summary at the trader (employee) level
► Risk score by personnel ► Interactive dashboards
Page 22
Management alert screenTrader alert initiation
► Create customizedalerts
► Transparency across multiple data sources:trades, voice, email, chat, entertainment, etc.
Page 23
Trader communication review screen – textanalytics using Watson Content Analytics
► Sentiment analysishighlighted using WCA
► Issue codingand tagging
Page 24
Integrating visualization into your riskmanagement platform
Page 25
How is fraud detected?50% by tip or accident demonstrates the need
for improved analytics
2014 ACFE Report to the Nation on Occupational Fraud
Page 26
Start with the “Fraud Tree” of schemes
Fraud tree
Cashlarceny
Theft ofother assets– inventory/
AR/fixed assets
Revenuerecognition
Nonfinancial
Conflictsof
interest
Bribery andcorruption/
FCPAIllegal
gratuitiesBid-rigging/procurement
Corruption Fraudulent statements
Asset misappropriation
Fakevendor
Payrollfraud
T&Efraud
Theft ofdata
GAAP Reserves
General focus of auditors
General focus ofinternal auditors
General focus of the regulators(opportunity for Auditors and Investigators)
Page 27
Today’s biggest forensic data analytics (FDA)challenges
Source: 2014 EY Global Forensic Data Analytics Survey (www.ey.com/fdasurvey)
2%
3%
3%
4%
5%
5%
6%
6%
8%
9%
10%
10%
15%
15%
26%
0% 5% 10% 15% 20% 25% 30%
Uncertainty about the relevance of FDA in the Company
FDA producing positive results to indicate and prove any fraud or…
FDA is not prevalent to the culture
Huge volume of data to analyze
To identify fraudulent information across large data sets
Lack of human resources or manpower to operate FDA
Spreading the FDA culture across different Business Units
Difficulty in adapting FDA to comply with different regulations in…
Poor quality or lack of accuracy in the data
To prevent fraud rather than discover fraud
FDA is too expensive
Convincing senior management or the company about the benefits of…
Improving the quality of the analysis process
Challenges with combining data across various IT systems
Getting the right tools or expertise for FDA
Page 28
Integrating dashboards into an boarder fraud riskmanagement platform
Visualization: Detectfraud within a businessprocess
Case Management: Assigntasks, flag transactions anddelegate projects for review
Statistical: Apply fraudinsights and automatedalerts to take action inreal or near time –when it matters
Pattern & Link: Uncoverhidden fraud andrelationships
Detect
Investigate
Respond
Discover
Page 29
An enterprise approach, based on solutions
Entity and SocialNetwork analytics
Predictiveanalytics
Behavioral /Geospatial
PrioritizedIncidents
Businessintelligence
Context / Textanalytics
Decisionmanagement
Contentmanagement
Casemanagement
Forensicanalysis
Beneficiaries
Legal & compliance(including M&A)
Internal Audit
Big Data, scalable platform, delivered on desktop or mobile device
► Flexible approaches, reports andcapabilities for each beneficiary
► Changing risks requires flexible tools► Knowing “who is who” is key to
identifying patterns & opportunities► Reduced false positives, better ROI► Cross enterprise view of exposures► Expedient audits/ investigations► Data transparency, no “black box”
Data Governance and Collaboration
Shared Services& Finance
BU Leadership& Corporate
Internal Sources
External Sources
Otherbeneficiaries
Enterprise PlatformSecurity
intelligence &Cyber
Socialmedia feeds
Shared svcs.data feeds
ERP systems
Sanctions &watchlists
News feeds &adverse media
Internalreports &communications
Master &reference data
EmbeddedIntelligence
ActivityMonitoring
Dark Web
Page 30
Five success factors in deploying FDA
1. Focus on the low hanging fruit, the priority of the first projectmatters
2. Go beyond traditional “rules-based” tests – incorporate big datathinking
3. Communicate: share information on early successes acrossdepartments / business units to gain broad support
4. Leadership gets it funded, but interpretation of the results byexperienced or trained professionals make the program successful
5. Enterprise-wide deployment takes time, don’t expect overnightadoption
Page 31
Questions or discussion
